From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586
Date: Sun, 07 Jun 2020 16:40:35 +0000
Message-ID: <5d051d38-0cf0-d6f0-994f-c0eb5dcbe5fe@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4172944929649700237=="
List-Id: <development.lists.ipfire.org>

--===============4172944929649700237==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is dangerous as it allows replacing the running kernel without
rebooting. Kernel Self Protection Project people recommend to keep it
disabled.

Fixes: #12372

Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
---
 config/kernel/kernel.config.i586-ipfire   | 1 -
 config/kernel/kernel.config.x86_64-ipfire | 1 -
 2 files changed, 2 deletions(-)

diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.c=
onfig.i586-ipfire
index 0b6e0ca08..b978a4e1f 100644
--- a/config/kernel/kernel.config.i586-ipfire
+++ b/config/kernel/kernel.config.i586-ipfire
@@ -685,7 +685,6 @@ CONFIG_ACPI_CONTAINER=3Dy
 CONFIG_ACPI_HOTPLUG_IOAPIC=3Dy
 CONFIG_ACPI_SBS=3Dm
 CONFIG_ACPI_HED=3Dy
-CONFIG_ACPI_CUSTOM_METHOD=3Dm
 # CONFIG_ACPI_BGRT is not set
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 CONFIG_HAVE_ACPI_APEI=3Dy
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel=
.config.x86_64-ipfire
index 27b073ec7..09ac0eff1 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -707,7 +707,6 @@ CONFIG_ACPI_CONTAINER=3Dy
 CONFIG_ACPI_HOTPLUG_IOAPIC=3Dy
 CONFIG_ACPI_SBS=3Dm
 CONFIG_ACPI_HED=3Dy
-CONFIG_ACPI_CUSTOM_METHOD=3Dm
 # CONFIG_ACPI_BGRT is not set
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 CONFIG_ACPI_NFIT=3Dm
--=20
2.26.2

--===============4172944929649700237==--